This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 11%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMC%3C/text%3E%3C/svg%3E)
Hello!
I've been testing with Certificate Wi-Fi in our environment using EAP-TLS, however I'm running into a peculiar issue where only the Acer Spin 5, model SP513-52N will not connect to the network. It has the same certificates and configuration as other models in our fleet (Lenovos, Dell, etc.) and they all connect just fine, but the Spin 5s in particular will not.
Some details, this is an WPA2-Enterprise network using device certificates issued from our on-prem Ruckus CloudPath server. I receive a "Can't connect to this network." error. In the RADIUS logs, I get entries such as: "ERROR: (TLS) TLS - Alert read:fatal:access denied"
"eap_tls ERROR: (TLS) Failed reading from OpenSSL:…"
"ERROR: (TLS) Cannot continue, as the peer is misbehaving."
"ERROR: … EAP sub-module failed. Sending EAP Failure (code 4)"
I also threw this over in the Acer support forums since it's device-specific in our environment, but also wanted to post here just in case there are some general other troubleshooting steps that I've missed or overlooked that anyone can think of. So far, I've just done usual troubleshooting in terms of running any and all updates (both Win 10 and Win 11) for OS and Drivers, and even swapped out the Wi-Fi card for known working ones from other devices, renewing the certificate each time before trying to connect.
Any help would be appreciated. Thank you!
Solution: It turned out to be a bug in our version of Ruckus Cloudpath ES (6.0.5816) that they have identified and addressed in the next release of the software. It has to do with RSA-PSS signature and the TPM.
I was able to get this device working from a workaround detailed here.
Prior to this discovery, we had confirmed all of the above steps listed and tried different Wi-Fi cards.
Thank you!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 11%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJZ%3C/text%3E%3C/svg%3E)
Hello,
Thank you for posting in Q&A forum.
To further troubleshoot this issue, please kindly try below steps:
1.Ensure that the correct certificates are properly installed and trusted on the device in adapter properties.
2.Check if the EAP-TLS authentication method is configured on RADIUS server.
3.Ensure that the server certificate is trusted by the client.
4.Capture the network trace by network monitor or wireshark and check if there's any insight in the trace.
I hope the information above is helpful.
If you have any questions or concerns, please feel free to let us know.
Best regards,
Jill Zhou
If the Answer is helpful, please click "Accept Answer" and upvote it.
